Slashdot Mirror


WinAmp Security Hole Discovered, Patched

Sbarbero writes "According to Techworld.com, a significant security hole has been discovered in NullSoft's WinAmp, meaning everyone should upgrade to the 5.03 version the makers have just put out right now. Security company NGS has found that the exploit 'can be activated remotely simply by rendering a specially crafted html document' and will run arbitrary code - they have a full advisory on their site." Oddly enough, the vulnerability is in the playback for the classic .XM 'tracker' music format.

6 of 393 comments (clear)

  1. excellent by Anonymous Coward · · Score: -1, Flamebait

    maybe this will help solve the nigger problem.

    (too many niggers, you see)

    1. Re:excellent by Anonymous Coward · · Score: -1, Flamebait

      nothing will ever solve that problem...

      the only hope is to organize them together!!!

      Join the GNAA now and make the world a better place!!!!

  2. If you wanted to be secure by Anonymous Coward · · Score: -1, Flamebait

    You'd go with Microsoft Windows Media Player 9 in the first place. Those downloading free software get every penny's worth.

  3. Re:Where's my patched 2.9x? by Anonymous Coward · · Score: -1, Flamebait

    Hey Asshole...

    http://winamp.com/player/free.php

    There's a lite version thats less than 700K.

    Maybe you should do your fucking homework before you open your mouth.

  4. Re:What I think everyone wants to know is... by Anonymous Coward · · Score: -1, Flamebait

    It says right in the article, you fucking retard.. Quit whoring trying to get "Insightful" karma and READ THE FUCKING ARTICLES.

  5. Hypocrisy by kiwioddBall · · Score: -1, Flamebait

    I find it curious that when Nullsoft patch a security bug and release it that it receives a positive sounding 'good on you' report for doing it the right way, however if Microsoft do exactly the same thing they receive collective hatred for having the bug in the first place.

    Are you folk biased against Microsoft? I suspect nothing could change your opinion.

    P.S. Normal practice is for you to now mod me down to 0 and suck my karma for daring to say something negative about the Slashdot community, or positive about Microsoft.

    Diclaimer : I don't work for Microsoft but I don't have too many complaints about their software either.